hotpatching Archives

Winsage

April 21, 2026

Planning your path to Windows Server 2025: What organizations are prioritizing in 2026 | Microsoft Windows Server Blog

Windows Server remains essential for critical workloads globally, with organizations needing to improve security, streamline patching, and maintain resilience in complex hybrid environments. The Windows Server Summit 2026 will take place from May 11–13, focusing on actionable guidance in security, patching, resiliency, and hybrid operations. Key areas of investment for 2026 include upgrade planning for Windows Server 2025, hybrid governance and management through Azure Arc, and operational consistency at scale with monitoring and patch automation. The Summit will provide insights into future Windows Server developments and facilitate direct interaction with Microsoft's product team. Attendees will receive practical guidance on upgrade strategies, operational patterns, security considerations, and hybrid management scenarios. Common triggers for evaluating changes include planning transitions to Windows Server 2025, reassessing patch cadence, standardizing hybrid operations, and addressing operational fragmentation. The event is aimed at enterprise IT professionals seeking to secure and modernize their Windows Server environments.

Winsage

April 20, 2026

Planning your path to Windows Server 2025: What organizations are prioritizing in 2026 | Microsoft Windows Server Blog

Windows Server is facing increasing operational demands due to the need for quicker patch cycles, enhanced system resilience, and complexities from hybrid environments. The Windows Server Summit 2026, scheduled for May 11–13, will address these challenges by providing actionable insights on security, patching, resiliency, and hybrid operations. Key areas of focus for organizations include upgrade planning for Windows Server 2025, hybrid governance and management through Azure Arc, and maintaining operational consistency at scale with monitoring and patch automation. The Summit will feature scenario-based technical sessions and live Q&A opportunities with Microsoft’s engineering and product teams. Common triggers for reevaluation of Windows Server operations include plans to transition to Windows Server 2025, reassessment of patch cadence, efforts to standardize operations across hybrid deployments, and recognition of operational fragmentation. The event aims to provide practical guidance for enterprise IT professionals to secure and modernize their Windows Server environments.

Winsage

March 20, 2026

Microsoft breaks Microsoft account sign-ins in Windows 11 with latest update

Microsoft is facing a significant issue affecting account sign-ins for Windows 11 versions 25H2 and 24H2 due to a recent update. Users signing in with Microsoft accounts may receive error messages indicating a lack of internet connectivity, despite being online. This issue does not affect businesses using Entra ID for authentication. Microsoft has acknowledged the problem and suggested that it may resolve on its own, with a device restart often helping if the device is connected to the internet. However, restarting without an active connection may perpetuate the issue. Microsoft is working on a resolution and may release an out-of-band update to address the complications from the March 10 update. Additionally, enterprise users have reported Bluetooth problems with hotpatching enabled.

Winsage

March 11, 2026

Hotpatching goes default in Windows Autopatch whether you like it or not

Microsoft will enable hotpatch security updates by default starting with the May 2026 Windows security update. Hotpatch updates allow security enhancements to be applied without system restarts, while quarterly baseline updates will still require a restart. Windows Autopatch will manage updates using "testing rings" to progressively roll out updates and address any issues. Devices must run Windows 11 24H2 or later and have the April 2026 security update installed to receive hotpatch updates automatically. Existing update policies will remain intact, and administrators can opt out of hotpatch updates at the tenant or group policy level.

Winsage

November 4, 2025

Microsoft WSUS Patch Breaks Hotpatching on Windows Server 2025

A recent Microsoft security update (KB5070881) aimed at fixing a critical vulnerability in the Windows Server Update Service (WSUS) inadvertently disrupted hotpatching for some Windows Server 2025 systems enrolled in the Hotpatch program. This disruption prevents affected servers from applying updates without requiring a restart, forcing administrators to revert to traditional cumulative updates until January 2026. The vulnerability, CVE-2025-59287, allowed potential remote code execution by exploiting weaknesses in WSUS. Microsoft has since released a new update (KB5070893) that addresses the vulnerability while restoring hotpatching capabilities for those who have not yet installed the problematic update.

Winsage

November 3, 2025

Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching

An out-of-band security update, KB5070881, has disrupted the hotpatching feature for some Windows Server 2025 devices. This update was released alongside reports of the CVE-2025-59287 remote code execution vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has instructed U.S. government agencies to strengthen their systems against this vulnerability. Microsoft has acknowledged that the OOB update caused some Hotpatch-enrolled Windows Server 2025 systems to lose their enrollment status and has ceased distributing the update to these devices. Those who installed the update will not receive Hotpatch updates in November and December but will get standard monthly security updates. Administrators can install the KB5070893 security update to address the CVE-2025-59287 flaw without disrupting hotpatching. Microsoft has also disabled the display of synchronization error details in its WSUS error reporting system and resolved various issues affecting Windows 11.

Winsage

October 27, 2025

Microsoft: New policy removes pre-installed Microsoft Store apps

Microsoft has introduced a new app management policy for IT administrators managing Windows 11 Enterprise and Education devices, allowing the removal of pre-installed Microsoft Store apps (in-box apps). This feature is available for devices running Windows 11 Enterprise 25H2 and Windows 11 Education 25H2 through management tools like CSP, GPO, and Microsoft Intune. The policy simplifies app management by eliminating the need for custom installation images and complex scripting, enabling administrators to efficiently select and remove apps from a predefined list. The policy is disabled by default and must be enabled by administrators. It is compatible with both Group Policy and MDM solutions, including Microsoft Intune. Implementation steps for Microsoft Intune include creating a new policy in the admin center, configuring settings to enable the removal of default Microsoft Store packages, and assigning the policy to desired device groups.

Winsage

October 3, 2025

Transforming security and compliance at Microsoft with Windows Hotpatch

Security updates are crucial for system integrity, but traditionally require a reboot, causing productivity interruptions. Microsoft has introduced Windows Hotpatch, which allows critical updates to be applied without rebooting, enhancing compliance and user satisfaction. Hotpatch modifies in-memory code while the system is operational, leading to immediate updates without downtime. It is designed for efficiency with small payloads that minimize performance impact. Hotpatch updates undergo the same validation as standard updates and can address zero-day vulnerabilities without requiring a reboot. This technology is available for Windows 11 version 24H2 or later, Windows 365, Azure Virtual Desktop, and Windows Server 2022/2025 Azure Edition, with appropriate licensing. Hotpatch has evolved from internal server capabilities to support client machines and integrates with Autopatch, automating the update process for enterprise environments. Microsoft Digital plans to scale Hotpatch to 450,000 devices within four months, achieving high compliance rates quickly—81% within 24 hours and 90% within five days, compared to previous timelines of up to nine months. Since its general availability in April, Hotpatch has been deployed to over 4 million devices globally, enhancing user experience by making updates seamless and unobtrusive. Plans for further expansion and improvements in compliance visibility and reporting are underway.

Winsage

June 26, 2025

The Windows Resiliency Initiative: Building resilience for a future-ready enterprise

Resilience is now a strategic necessity for organizations, prompting Microsoft to launch the Windows Resiliency Initiative (WRI) to integrate resilience and security into the Windows platform. In September 2024, Microsoft held the Windows Endpoint Security Ecosystem Summit (WESES) with endpoint security vendors and government representatives to discuss enhancing resilience. Following the summit, collaboration with Microsoft Virus Initiative (MVI) partners has increased, focusing on improving Windows security and reliability through rigorous testing and safe deployment practices. Next month, Microsoft will begin a private preview of a new Windows endpoint security platform for select MVI partners, allowing security solutions to operate outside the Windows kernel for better reliability. Microsoft has released the Windows Resiliency Initiative e-book to guide organizations in building resilience. Innovative products introduced under the WRI include: - Quick machine recovery (QMR) for faster recovery from unexpected restarts, reducing downtime to approximately two seconds. - Microsoft Connected Cache to enhance bandwidth efficiency during updates by caching content locally. - Universal Print anywhere for secure printing from any location. - Hotpatch updates for critical security updates without requiring a restart. - Windows 365 Reserve for secure access to a temporary Cloud PC during device disruptions.

Winsage

May 24, 2025

Microsoft Tells Nearly All Windows Users—You Must Reboot Your PC

This month's KB5058497 update for Windows 11 24H2 introduces the first 'hotpatch' update, allowing installation without a reboot, but it is only available for Windows 11 24H2 Enterprise users. There is no timeline for extending this feature to Pro and Home users. To use hotpatch updates, users must have a Microsoft subscription that includes Windows 11 Enterprise E3, E5, or F3, Windows 11 Education A3 or A5, or a Windows 365 Enterprise subscription, along with devices running Windows 11 Enterprise version 24H2 (Build 26100.2033 or later), an x64 CPU, Microsoft Intune for deployment management, and Virtualization-based Security (VBS) enabled. Users of Windows 11 24H2 or older versions must reboot their systems to apply new security updates, except for specific patches for Windows Defender, while every third update will still require a reboot. KB5058497 is scheduled to be released between May and June 2025 during the 'no restart' period, and it has been reported to install seamlessly without prompting for a reboot. Users of Windows 11 Home and Pro still face the traditional monthly reboot requirement for updates.